hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
remove-javascript
codeql/csharp/ql/test/query-tests/Security Features/CWE-502/DeserializedDelegate/DeserializedDelegateBad.cs
Raul Garcia (MSFT) cb8dcf7db2 Publishing queries to the OSS Semmle repository
2019-10-22 09:55:39 +01:00

15 lines
302 B
C#
Raw Permalink Blame History

using System;
using System.IO;
using System.Runtime.Serialization.Formatters.Binary;
class Bad
{
public static int InvokeSerialized(FileStream fs)
{
var formatter = new BinaryFormatter();
// BAD
var f = (Func<int>)formatter.Deserialize(fs);
return f();
}
}
Reference in New Issue View Git Blame Copy Permalink